Head of IT Security Operations 9/14/2016
JOB DESCRIPTIONAPPLY Job Description
This position can be located in Illinois or Massachusetts!
The Head of Security Operations manages the day-to-day operations of information security services. He or she directs and controls the activities of security operations teams with overall responsibility for the direction of security operations and has overall responsibility for planning and implementing budget to deliver successful security operations outcomes. He or she will serve as the prime internal and external contact for security operations leadership and will conduct briefings and technical meetings for the IT leadership and external stakeholders.
He or she will collaborate with other Security team leads and IT peers to facilitate the design, development, testing, and implementation of enhancements and projects for information security and provides input into the development of security policies and standards. He or she is responsible for establishing and driving a framework that delivers excellence in security operations outcomes and for identifying and executing continual service improvement plans across all security and data protection services, both with internal teams and in the management of multiple outsourced security operations partners.
Primary focuses of the program include managing internal and external resources to:
Proactively assess for vulnerabilities, evaluate systems risk disposition and promote required remediation with stakeholders;
Conducts risk modeling based on real time threat awareness and internal systems configurations and asset dispositions
Determine requirements for secure application development, manage application security testing resources and oversee remediation requirements
Deliver proactive cyber threat intelligence feeds and methods to operationalize threat data proactively into security controls;
Manage resources to hunt for active threats and compromises. He or she reports on suspected breaches, and manages cyber incident response by engaging with key stakeholders.
Delivers security assurance services (configuration oversight, change reviews and event and audit management); enforces security policies and procedures across data center, networks, databases, and applications both on premise and in Cloud sourced services
Manage security assurance for advanced identity and access management functions. These functions include monitoring and audit of the creation and use of privileged accounts, cloud-based accounts, federated accounts, and monitoring for account misuse.
Manages information monitoring, protection and loss prevention services for on premise and cloud based systems,
Assemble pertinent security risk metrics and provide effective reporting and dashboards.
The Head of Security Operations ensures that security partners, vendors, and cross-functional organizations deliver services that respond proactively to the voice of the customer. He or she also directs Shire s outsourced service provider for security and information management services to ensure services are delivered to contractual stipulations including SLAs.
50%-Manage Run Activities
Drive and ensure operational excellence across all current and new security operations services
Manage the contracted security and identity management services with Shire s service providers
Meet or exceed published service levels associated with security services
Provide accountability for all security major incidents, engaging Infrastructure and Information Security & Compliance colleagues as appropriate
Provide support for major incidents through the Infrastructure on-call rotation program
Partner with Information Security & Compliance team on establishing new security policies, practices, tools and technologies
Represent operational view of service offerings into Information Security & Compliance considerations
Raise awareness of security service trends as input to strategic direction and road mapping exercises
Partner with Information Security & Compliance on the introduction of new security operational services
Develop and execute continual service improvement plan for all security services
Direct (in conjunction with Infrastructure Portfolio Manager and service providers) the portfolio of projects associated with the continual service improvement
Establish and manage the budgets, both capital and operating, for all security operational services
Ensure that Shire is getting full value for all security hardware, software and services
Seek opportunities to drive down year-on-year spend for like services
EDUCATION & EXPERIENCE REQUIREMENTS
BS degree or equivalent experience (required)
10+ years of IT Experience with 8+ years of operations management experience (required)
8+ years of experience managing outsourced IT service providers and managing off-shore resources
Knowledge of networks, firewalls, proxies, and security technical risks related to key platforms (required)
Experience with the breadth of existing and pending security and identity management tools including: Active Directory, security certificates, DNS/DHCP, firewall, content filtering, intrusion detection, security and event monitoring (Envision), external authentication (OKTA), edge/backbone controls, endpoint security, file permissions and auditing (Varonis) (required)
Shire is the leading global biotechnology company focused on serving people with rare diseases and other highly specialized conditions. We have best-in-class products available in more than 100 countries across core therapeutic areas including Hematology, Immunology, Neuroscience, Lysosomal Storage Disorders, Gastrointestinal / Internal Medicine / Endocrine and Hereditary Angioedema; a growing franchise in Oncology; and an emerging, innovative pipeline in Ophthalmics.
Our employees come to work every day with a shared mission: to develop and deliver breakthrough therapies for the hundreds of millions of people in the world affected by rare diseases and other high-need conditions, and who lack effective therapies to live their lives to the fullest.
EQUAL EMPLOYMENT OPPORTUNITY
Shire is an equal opportunity employer. Shire evaluates qualified applicants without regard to race, color, religion, gender, national origin, age, sexual orientation, gender identity or expression, protected veteran status, disability/handicap status or any other legally protected characteristic.
EEO is the Law
EEO is the Law - Supplement
Pay Transparency Policy
Shire is committed to working with and providing reasonable accommodation to individuals with disabilities. If, because of a medical condition or disability, you need a reasonable accommodation for any part of the application process, or in order to perform the essential functions of a position, please call 484-595-8400 and let us know the nature of your request and your contact information.